07/25/2024

Investing in Chainguard: The Safe Source for Open Source

Chainguard founders pictured left to right: Matthew Moore, Ville Aikas, Kim Lewandowski, and Dan Lorenc.

Open source has been nothing short of a phenomenon. It’s estimated that 90% of production code is sourced from public repos, which has made software development an order of magnitude more efficient. Yet we curse open source daily given the security tradeoffs that accompany it. These tradeoffs act as an anchor, bogging down our brightest engineers with patching vulnerabilities rather than building cool stuff.

The history of Linux exemplifies this reality. Linux launched in the early 90s and gained developer notoriety but lacked enterprise adoption out of the gates due to concerns around stability and security. Only with the launch of Red Hat Enterprise Linux (RHEL) and Ubuntu did enterprises gain the necessary comfort to use Linux in production in even the most sensitive environments. Since then, Linux has become so ubiquitous that it powers over 90% of the public cloud. It’s not a stretch to say that the very cloud infrastructure we take for granted on a daily basis might not exist in its current state without enablers like RHEL.

The bottlenecks that prevented widespread Linux adoption in the 90s exist today at various layers above the OS, from programming languages to databases to container images. While open source usage is pervasive, significant developer time is spent patching applications in production. Engineers play a perennial game of whack-a-mole to patch vulnerabilities. As soon as one is fixed, two new ones arise. Think of the endless possibilities that would emerge if engineers weren’t burdened with mind-numbing yet mission-critical patching work.

Finally, thanks to Chainguard, they won’t have to be. Chainguard creates distroless, CVE-free images from the ground up with a vision of becoming the “safe source for open source”. The company builds and maintains a library of nearly 800 (and counting) of the most popular and foundational images, such as Go, Python, Nginx, ClickHouse, and others that developers build applications on top of, in turn eliminating CVEs for those applications entirely. Enterprises ranging from Snowflake to Canva and American Airlines to HPE use Chainguard to build better, more secure software.

Pictured left to right: Dan Lorenc (Chainguard, Founder & CEO) and Arsham Memarzadeh (Lightspeed, Partner).

Founders Dan Lorenc, Matthew Moore, Kim Lewandowski, and Ville Aikas are purpose-built to tackle this problem. They worked together for years at Google contributing to the earliest versions of Kubernetes and numerous other important open source projects. They are second to none in understanding how to deconstruct open source libraries and automate patching. The history their team shares is a secret weapon, a cornered resource, that allows them to understand the problem set intimately and create a world-class solution.

In the same way RHEL and Ubuntu unshackled the use of Linux, we expect Chainguard to free developers of the painstaking work required to build CVE-free applications. In 10 years, while we’re busy taking the next big secular shift in technology for granted, odds are we’ll have Chainguard to thank.
